Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits
Microsoft has seized 240 websites associated with the “ONXX” phishing-as-a-service operation, and has sued the developer of this service
Information Security Magazine
Russian Cyber Spies Target Organizations with HatVibe and CherrySpy Malware
2 days 3 hours ago
Russian-aligned TAG-110 uses custom tools to spy on governments, human rights groups and educational institutions in Europe and Asia
Three-Quarters of Black Friday Spam Emails Identified as Scams
2 days 4 hours ago
Bitdefender found that 77% of Black Friday-themed spam emails in 2024 have been identified as scams, with attackers becoming more creative in their campaigns
Five Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024
2 days 5 hours ago
Corvus Insurance highlighted the growing complexity and competition within the ransomware ecosystem, with the threat level remaining elevated
MITRE Unveils Top 25 Most Critical Software Flaws
2 days 6 hours ago
The 25 most dangerous software weaknesses between June 2023 and June 2024 are responsible for almost 32,000 vulnerabilities
Manufacturing Sector in the Crosshairs of Advanced Email Attacks
2 days 7 hours ago
Phishing attacks, business email compromise and vendor email compromise attacks on manufacturing have surged in the past 12 months
Linux Malware WolfsBane and FireWood Linked to Gelsemium APT
2 days 23 hours ago
New Linux malware WolfsBane and FireWood have been linked to Gelsemium APT, a cyber-espionage group targeting critical systems
Vietnam’s Infostealer Crackdown Reveals VietCredCare and DuckTail
2 days 23 hours ago
Group-IB revealed key differences in VietCredCare and DuckTail infostealer malware targeting Facebook Business accounts
Google OSS-Fuzz Harnesses AI to Expose 26 Hidden Security Vulnerabilities
3 days 1 hour ago
One of these flaws detected using LLMs was in the widely used OpenSSL library
BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk
3 days 2 hours ago
The BianLian ransomware group has shifted exclusively to exfiltration-based extortion and is deploying multiple new TTPs for initial access and persistence
Lumma Stealer Proliferation Fueled by Telegram Activity
3 days 4 hours ago
Spreading malware via Telegram channels allows threat actors to bypass traditional detection mechanisms and reach a broad, unsuspecting audience
A Fifth of UK Enterprises “Not Sure” If NIS2 Applies
3 days 6 hours ago
Over a fifth of large UK businesses aren’t sure of their compliance responsibilities under the new NIS2 directive
Five Charged in Scattered Spider Case
3 days 6 hours ago
Five men have been indicted in connection with crimes committed by the Scattered Spider group
Five Privilege Escalation Flaws Found in Ubuntu needrestart
3 days 23 hours ago
Five LPE flaws in Ubuntu’s needrestart utility enable attackers to gain root access in versions prior to 3.8
60% of Emails with QR Codes Classified as Spam or Malicious
3 days 23 hours ago
60% of QR code emails are spam according findings from Cisco Talos, who also identified attackers using QR code art to bypass security filters
Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative
4 days 3 hours ago
CrowdStrike unveiled a new Chinese-aligned hacking group allegedly spying on telecom providers
Apple Issues Emergency Security Update for Actively Exploited Vulnerabilities
4 days 4 hours ago
Apple has urged customers to download the security updates, which address vulnerabilities relating to the JavaScriptCore and WebKit frameworks
OWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs
4 days 5 hours ago
OWASP has updated its Top 10 list of risks for LLMs and GenAI, upgrading several areas and introducing new categories
Hackers Hijack Jupyter Servers for Sport Stream Ripping
4 days 6 hours ago
Aqua Security has observed threat actors using compromised Jupyter servers in a bid to illegally stream sporting events
One Deepfake Digital Identity Attack Strikes Every Five Minutes
4 days 6 hours ago
Entrust claims deepfakes are driving a surge in digital identity fraud
Checked
1 hour 19 minutes ago